TempleDAO Hacked Funds Deposited to Tornado Cash

The TempleDAO exploiter transferred stolen funds to the privacy protocol’s smart contract, according to Etherscan data

by Shalini Nagarajan /
article-image

Source: DALL·E

share

key takeaways

  • Hack amounted to 4% of TempleDAO’s assets
  • Tornado Cash is a sanctioned entity in the US, meaning individuals there are prohibited from dealing with the mixer

A hacker who exploited DeFi protocol TempleDAO used sanctioned crypto mixer Tornado Cash to move their stolen funds.

Earlier this month, the yield-farming protocol was exploited for 1,831 ETH (around $2.34 million). All funds were moved to a new wallet

Etherscan data shows about the same amount of ether was transferred from the hacker’s identified address to a Tornado Cash router on Sunday. The move will obfuscate the destination of the stolen funds. The protocol’s immutable smart contracts are capable of providing privacy for criminals as well as lawful users.

Blockchain investigator PeckShield first noted the exploiter’s use of the crypto mixer.

Loading Tweet..

The transfers began with 0.1 ether, followed within minutes by multiple other transactions worth 100 ether each.

Tornado Cash acts as a cryptoasset mixer, making it extremely difficult to trace precisely the origin of funds withdrawn. It was added to the US Treasury’s sanctioned list of “Specially Designated Individuals” in August, prohibiting people in the country from dealing with the service. 

The Treasury’s primary concern was the mixer’s role in laundering over $455 million worth of cryptoassets stolen by the North Korean hacking group Lazarus. 

Before TempleDAO’s exploit, the protocol’s total value locked stood at about $57 million, according to DeFiLlama. The attack amounted to about 4% of its assets. Security firm BlockSec said the root cause behind it was insufficient access control to a specific function in the affiliated Stax Finance smart contract. 

October marks the highest value of crypto hacked all year

October has so far turned out to be a record month for hacking activity, with stolen funds amounting to $718 million across 11 different DeFi protocols, according to Chainalysis.

The $100 million exploit of Binance’s BNB chain and the $112 million extracted from Mango Markets took place in the last two weeks  — and the month is only half over.

Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

Tags

Upcoming Events

Permissionless III

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

learn more

recent research

Avail.jpg

Research

Avail: A Unification of Crypto Infrastructure

Data publishing costs have historically been a bottleneck for rollups, and as more rollups launch, interoperability will continue to be a major challenge. Avail presents a potential solution to rollup fragmentation through its three products: Avail DA, Nexus, and Fusion, which together aim to unify the web3 experience.

by Ren Yu Kong

/

news

article-image

Op-Ed

Memecoin mania can teach us something

Learn from mistakes that others have made about risk management — that’s next level performance for you

by Haden Patrick /
article-image

Finance

Successful Hong Kong crypto ETF flows would pale in comparison to US funds

The projected medium-term $1 billion inflow total for the Hong Kong crypto funds would represent about 2% of the region’s ETF market

by Ben Strack /
article-image

Policy

Government says CZ threatened US security, recommends doubling Guideline sentence

The government says Zhao “willfully” and strategically put US national security at risk in order to “line his pockets”

by Casey Wagner /
article-image

Web3

Empire Newsletter: Miners and Wall Street eye new AI revenue

AI might be enough to lure institutional investors to miners that have diversified their revenue

by Casey Wagner&David Canellis&Katherine Ross /
article-image

DeFi

Binance’s main stablecoin is diversifying to other exchanges

FDUSD is looking at cross-border payments, layer-2 deployments and payroll

by Jack Kubinec /
article-image

Policy

Ripple proposes ‘no more than $10M’ in penalties after SEC seeks $1.9B

Ripple and the SEC have been locked in a years-long legal battle that started in 2020

by Katherine Ross /